vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #1149 from weiwei04/share_pid_namespace

Browse source 
share pid namespace for Pod container
This commit is contained in:
Mrunal Patel 2017-11-17 08:12:49 -10:00 committed by GitHub
commit d68da8929a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 96 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
server/container_create.go
View file

@ -921,9 +921,15 @@ func (s *Server) createSandboxContainer(ctx context.Context, containerID string,
return nil, err
}
// Do not share pid ns for now
if containerConfig.GetLinux().GetSecurityContext().GetNamespaceOptions().GetHostPid() {
// kubernetes PodSpec specify to use Host PID namespace
specgen.RemoveLinuxNamespace(string(rspec.PIDNamespace))
} else if !s.config.DisableSharedPIDNamespace {
// share Pod PID namespace
pidNsPath := fmt.Sprintf("/proc/%d/ns/pid", podInfraState.Pid)
if err := specgen.AddOrReplaceLinuxNamespace(string(rspec.PIDNamespace), pidNsPath); err != nil {
return nil, err
}
}
netNsPath := sb.NetNsPath()